How to secure the cloud

With support from the National Science Foundation, cryptography expert Daniel Wichs, an assistant professor in the College of Computer and Information Science, will work as part of a multi-university team to develop better encryption techniques to improve cloud security.

For many of us, the pri­mary reason we use “the cloud” is for storage—whether it’s storing email through ser­vices like Gmail and Yahoo!, photos on Flickr, or per­sonal doc­u­ments on Dropbox. Many orga­ni­za­tions like hos­pi­tals and banks uti­lize the cloud to store data on patient and cus­tomer information.

But there’s also a com­pu­ta­tional side to the cloud that comes into play when, say, we search for an old email or per­form com­plex analyses of large vol­umes of data stored there.

Regard­less of the sce­nario, it’s clear that pre­cious per­sonal infor­ma­tion is stored in the cloud, and we’d like to think it’s secure up there. Enter Daniel Wichs, an assis­tant pro­fessor in the Col­lege of Com­puter and Infor­ma­tion Sci­ence. He is part of a multi-​​university research team that is working to make sure the cloud is as secure as pos­sible. The project is sup­ported by a grant project announced Thursday by the National Sci­ence Foundation’s Secure and Trust­worthy Cyber­space pro­gram and is a part of a larger NSF effort to sup­port foun­da­tional cyber­se­cu­rity research and education.

The col­lab­o­ra­tive “Fron­tier” project includes researchers from North­eastern, Boston Uni­ver­sity, the Mass­a­chu­setts Insti­tute of Tech­nology, and the Uni­ver­sity of Con­necticut. The team will deploy and test the mech­a­nisms they develop in this project using the Mass­a­chu­setts Open Cloud—a part­ner­ship of state gov­ern­ment, industry, and uni­ver­si­ties including North­eastern that is designed to create a new public cloud com­puting mar­ket­place to help spur innovation.

“We’re devel­oping tools at all levels of the system,” said Wichs, a cryp­tog­raphy expertwho will focus his efforts on this area of the project.

“Encryp­tion,” he explained, “is a pro­ce­dure we’ve been thinking about basi­cally since the dawn of time, but we’ve only had good ways of doing it since the 70s.” Until recently, even the best encryp­tion strate­gies were lim­ited when it comes to cloud com­pu­ta­tion, he said, adding that “The problem is that stan­dard ways of encrypting data render it use­less. Once encrypted, there is no way to per­form any com­pu­ta­tion over it.”

Patient data is a prime example. If a hos­pital wants to con­duct large-​​scale analyses on this infor­ma­tion, it is lim­ited to looking at local com­puters because fed­eral Health Insur­ance Porta­bility and Account­ability Act, or HIPAA, laws pre­vent it from sharing pri­vate details about patients with external enti­ties. The hos­pital can easily store encrypted patient infor­ma­tion, but it can’t uti­lize the increased com­pu­ta­tional powers of external com­puters to ana­lyze it because encryp­tion pre­vents that possibility.

In recent years, a new method for com­puting on encrypted data has come about that has the poten­tial to change all that. “I can send you encrypted data, you run the com­pu­ta­tion and then send me back the encrypted answer,” Wichs explained. “I can decrypt the answer because I have the secret key, but you never learn anything.”

This break­through presents great promise, but the approach is still too inef­fi­cient to be widely useful, Wichs said. With this grant, Wichs will try to change that. By devel­oping new the­o­ret­ical methods for encrypting data and per­forming com­pu­ta­tions on that data, he hopes to pro­vide a new level of secu­rity to cloud-​​based computing.

“We want to take a stan­dard pro­gram and con­vert it to work on encrypted data,” he said. Prior approaches needed to first con­vert the pro­gram into a much less effi­cient cir­cuit rep­re­sen­ta­tion before being able to eval­uate it on encrypted data. Wichs is working to build new encryp­tions schemes that can eval­uate stan­dard pro­grams directly.

The research project aligns with North­eastern emphasis on use-​​inspired research that solves global chal­lenges, par­tic­u­larly in the areas of secu­rity, health, and sustainability.

News@Northeastern is Northeastern University’s primary source of news and information. Whether it happens in the classroom, in a laboratory, or on another continent, we bring you timely stories about every aspect of life, learning and discovery at Northeastern. Contact the news team